WEBREALM (JANUS DEFINE parameter)

From m204wiki
Revision as of 16:02, 8 March 2011 by 198.242.244.47 (talk) (Created page with "{{DISPLAYTITLE:WEBREALM}} <span class="pageSubtitle"><section begin="desc" />xxxx<section end="desc" /></span> WEBREALM is a parameter on JANUS DEFINE, which defines and set...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

<section begin="desc" />xxxx<section end="desc" />

WEBREALM is a parameter on JANUS DEFINE, which defines and sets characteristics of a Janus port. See the List of JANUS DEFINE parameters.


This parameter indicates the security "realm" of userids and passwords. If a browser encounters a login required response (401 Unauthorized) from a server, it will attempt to use a userid and password that it already has for the realm specified in this response even if the userid and password were for a different server. If the browser has no saved userid and password for the realm, it will put up a login pop-up window to prompt the end-user for a userid and password. On all known browsers this pop-up window will contain the name of the security realm.

The default security realm for Janus Web ports is "Model 204" followed by (in parentheses) the jobname under MVS or the VM name under CMS. If the name of the realm specified with WEBREALM contains spaces or other Model 204 word separator characters, the realm must be specified inside of single-quotes. If the realm is to contain single-quotes, each single-quote must be doubled, as in

JANUS DEFINE DATEWEB 80 WEBSERV 20 WEBREALM - 'General Peppers Lonely Hearts Club'


Most browsers will save userids and passwords for a security realm for an indefinite period of time during a browser session. Most browsers will also save the userid for a realm between browser sessions so that a user can simply enter the password without re-entering the userid for subsequent browser sessions, if appropriate. Some browsers, including old releases of Microsoft's Internet Explorer&TRADEMARK, will save passwords (optionally under newer releases) between browser sessions. This is a major security hole at public workstations. This may be best handled by refusing to do any secure processing on the behalf of releases of web browsers that have this security flaw.

Valid only for WEBSERV ports.

References

See: List of Janus commands | List of JANUS DEFINE parameters.